Hackers exploit NSA’s top 25 vulnerabilities 7X more than other flaws
October 2020 by Check Point
Last week, the US National Security Agency (NSA) published a list of the top 25 publicly known vulnerabilities most often scanned for and targeted by state-sponsored attackers linked to China, to gain access to networks.
Security researchers at Check Point conducted an analysis to highlight the severity of the 25 vulnerabilities outlined in NSA’s report. Their findings show that on average, those vulnerabilities were exploited 7 times more comparing to other vulnerabilities in 2020.
Deeper investigation showed that the exploited vulnerabilities were used to launch 3 million attacks in 2020, with 2.5 million of those attacks occurring in the last 6 months. Each of these attacks were thwarted by Check Point. Compared to other cyber security vendors, Check Point has the highest protection rate against the 25 vulnerabilities listed by the NSA.
Top 5 most attacked countries via NSA’s 25
All in all, the attacks exploiting the top 25 vulnerabilities in NSA’s report targeted 161 countries worldwide. Check Point researchers ranked the top 5 attacked countries:
3. United Kingdom
5. The Netherlands
Attacks by industry
The attacks documented in researchers’ analysis affected a range of industries globally in the last 6 months. In the United States, almost 30% of the attacks targeted Government/Military victims, which marks 31% more in comparison to the rest of the world.
Adi Ikan, Network Research & Protection Group Manager at Check Point said: “The NSA listed these 25 vulnerabilities for good reasons: they’re very serious. We decided to conduct an analysis to demonstrate the degree to which hackers have leaned on these vulnerabilities. The numbers behind the list are staggering. The fact, that on average, those vulnerabilities were exploited 7 times more compared to other vulnerabilities in 2020 shows how hackers focus their efforts around specific flaws that they know are widespread. Check Point thwarted over 3M attacks related to these vulnerabilities in 2020, and we have the highest protection rate for each of the 25 vulnerabilities outlined by the NSA.
“It’s clear that hackers today are using more sophisticated ways to conduct severe attacks on networks, in order to create damage and disruption. In the run-up to the U.S. presidential election, if any election system uses any of these platforms, they could be a target for hackers, unless systems get patched. We strong urge organizations everywhere to implement patches for the 25 vulnerabilities outlined in NSA’s report – one by one.”
All 25 security bugs are well known and have patches available from their vendors. However, the NSA urged public and private sectors to apply patches or mitigations to prevent attacks, saying that “most of the vulnerabilities on the NSA’s list can be exploited to gain initial access into victim networks using products that are directly accessible from the Internet and act as gateways into internal networks.”
Security tips to keep your organization safe
1. Patch your servers. We strongly recommend users to patch their servers in order to prevent the exploitation of such vulnerabilities. All 25 security bugs are well known and have patches available from their vendors, ready to be installed.
2. Use IPS. Intrusion Prevention Systems (IPS) prevent attempts to exploit weaknesses in vulnerable systems or applications, protecting you in the race to exploit the latest breaking threat. Updated IPS helps your organization stay protected.
3. Protect your endpoints. Conventional signature-based Anti-Virus is a highly efficient solution for preventing known attacks and should definitely be implemented in any organization, as it protects against a majority of the malware attacks that an organization faces. In addition, comprehensive endpoint protection at the highest security level is crucial in order to avoid security breaches and data compromises